Описание
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 0.2.5-1.2ubuntu0.1 |
| devel | released | 0.2.5-1.3 |
| esm-infra-legacy/trusty | released | 0.2.2-5ubuntu2.1 |
| esm-infra/bionic | released | 0.2.5-1.2ubuntu0.1 |
| esm-infra/xenial | released | 0.2.5-1ubuntu0.1 |
| precise/esm | not-affected | 0.2.2-5ubuntu0.1 |
| trusty | released | 0.2.2-5ubuntu2.1 |
| trusty/esm | released | 0.2.2-5ubuntu2.1 |
| upstream | needs-triage | |
| xenial | released | 0.2.5-1ubuntu0.1 |
Показывать по
Ссылки на источники
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections.
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections.
A null-pointer dereference vulnerability was found in libtirpc before ...
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections.
Уязвимость функции makefd_xprt() библиотеки предоставления протокола RPC libtirpc, позволяющая нарушителю вызвать отказ в обслуживании
5 Medium
CVSS2
7.5 High
CVSS3